So I do not have a plex account. I host a LOCAL server (no need to access out of home). Normally, when I double click the plex tray icon, it opens up my server in my browser. NOW it brings me to the log in page rather than my library and I have to manually type in the local IP to get to my library.
Why the change plex? What gives? Please fix this ASAP as it is extremely inconvenient.
It was an intentional change. Info here towards the bottom on how to remove the requirement to
claim New Claiming Requirement for Windows
When it says that “It’s possible this exception may go away in the future, though.”…does this mean that we can no longer use Plex Media Server without claiming it AT ALL? Or is it just saying that in order to access it locally, we have to enter deviceip:32400/web in the URL bar instead or double clicking the tray icon?
I am a bit confused here. Are you saying that you can no longer set up a LOCAL plex media server without an account?
For now the option is the use the method mentioned at the bottom of that notice in order not have to claim it. Yes it means that is possible that method may go away.
I don’t think a final decision has been made about it but has been discussed as far as I know.
though if you are running a current version of server I’m not sure how opening browser and typing in local IP is working if you have not used the method to remove requirement.
Uh…getting rid of the ability to use Plex WITHOUT an account LOCALLY is HUGE mistake. Are you guys serious about this? In that case I’d probably just use an older version of Plex Media Server forever. That is absolutely ridiculous. Why woudn’t you want people using Plex LOCALLY without accounts? Please explain this terrible decision? What is the problem with this if you are just using it LOCALLY? It doens’t let you access it remotely when you’re not logged in, so what is the issue?
Also yes, the browser method works fine?
So to confirm, are you saying that pretty soon I will NO LONGER be able to use plex media server AT ALL locally without signing in?
Thank you for the feedback. I will pass it along to the team that handles that.
Can you explain this a bit more though? What is the problem with people using plex media server locally without an account? If you do not log in, you cannot access it remotely anyway, so what is the big deal if you’re only using it on your local network? Am I missing something here?
Why is stated in the announcement I posted which is mainly do to potential security risks of an open PMS. I’m not personally part of the team that did that work but I will pass along your concerns to them.
Can you explain the security risks exactly? I don’t understand. If I am using Plex on my local network only and I have control over my network, what is the risk? You cannot access the server remotely when it’s unclaimed I thought.
Your individual self may have a very secure network but many folks don’t. Some folks do things like go a a coffee shop get on open wifi on laptop with their server running. Have room mates or guests who are not very nice or similar situation where folks don’t think about network security properly.
Even folks who work in security forget to secure their stuff. LastPass Hack: Engineer's Failure to Update Plex Software Led to Massive Data Breach
Okay. Can you PLEASE forward my request over to the team to LEAVE the option to use it insecurely? I mean come on…I only use Plex locally. I have zero need for an account. It would be a SHAME to have to not use Plex anymore over this. I’ve been using Plex for years and would love to keep using it…Also I wouldn’t want to use an old version of plex media server forever becuase I would miss out on all of the updates and obviously using the newest version of a program is safer.
Also yes, the browser method is working for me even without having to do that workaround that you posted. I’m fine with using the browser method but PLEASE don’t get rid of that!
In the hacking example you posted, that person was breached through theiR PLEX ACCOUNT REMOTELY. In my case, I don’t even have an account and have no way to access the server remotely…so this vulnerability wouldn’t have affected me. you see where I’m going with this?
"This issue allowed an attacker with access to the server administrator’s Plex account to upload a malicious file via the Camera Upload feature and have the media server execute it
I ONLY EVER access my plex account on my local network.
I was just meant as an example of lack security even by those who would expect to be better about it. Sorry I did not mean to confuse/dilute your concern.
No I understand and I appreciate the assistance. I’m just concerned about Plex removing the ability to use the server without an account. So what would happen if they went forward with this change? The browser method wouldn’t even work anymore? The one where you type http://device.ip:32400/web?
Yes, I don’t know, but it works anyway. Please don’t remove this!
As far as I understand it would not work. Like I intimated I am surprised it works now for you without setting enableLocalSecurity to false if you are running the current server version.
Again thank you for the feedback.
You will not be affected and may continue as you were nor need to do anything special when upgrading if:
You have an existing installation that has never been claimed/signed-in.
The above is from the page you linked to the changes. Is this why i am still able to access it via the browser URL? Because it was an existing server that was never claimed/signed-in?
yeah i was just about to mention that line which i missed. I think that is why you can do it via IP still
Okay. So as long as I hold onto my registry keys, I can keep using it as normal? Because I tested it by doing a full uninstall/completely wiped it off my machine (including deleting registry keys). Then I reinstalled plex media server, imported my registry keys, and then imported my appdata folder and everything still works like before. So as long as I hold onto my original registry keys, I can keep using it unclaimed?
